
{% if env == 'staging' %}
suffix = "stg.phx2.fedoraproject.org"
app_hosts = [
    "app01.stg.phx2.fedoraproject.org",
    "app02.stg.phx2.fedoraproject.org",
]
topic_prefix = "org.fedoraproject.stg."
{% else %}
suffix = "phx2.fedoraproject.org"
app_hosts = [
    "app01.phx2.fedoraproject.org",
    "app02.phx2.fedoraproject.org",
    "app03.phx2.fedoraproject.org",
    "app04.phx2.fedoraproject.org",
    "app05.fedoraproject.org",
    "app07.phx2.fedoraproject.org",
    "app08.fedoraproject.org",
]
topic_prefix = "org.fedoraproject.prod."
{% endif %}

vpn_suffix = "vpn.fedoraproject.org"

config = dict(
    sign_messages=True,
    validate_signatures=True,
    ssldir="/etc/pki/fedmsg",

    crl_location="https://fedoraproject.org/fedmsg/crl.pem",
    crl_cache="/var/run/fedmsg/crl.pem",
    crl_cache_expiry=86400,  # Daily

    certnames=dict(
    [
        ("shell.app0%i" % i, "shell-%s" % app_hosts[i-1])
        for i in range(1, len(app_hosts) + 1)
    ] + [
        ("bodhi.app0%i" % i, "bodhi-%s" % app_hosts[i-1])
        for i in range(1, len(app_hosts) + 1)
    ] + [
        ("pkgdb.app0%i" % i, "pkgdb-%s" % app_hosts[i-1])
        for i in range(1, len(app_hosts) + 1)
    ] + [
        ("mediawiki.app0%i" % i, "mediawiki-%s" % app_hosts[i-1])
        for i in range(1, len(app_hosts) + 1)
    ] + [
        ("shell.fas0%i" % i, "shell-fas0%i.%s" % (i, suffix))
        for i in range(1, 4)
    ] + [
        ("fas.fas0%i" % i, "fas-fas0%i.%s" % (i, suffix))
        for i in range(1, 4)
    ] + [
        ("shell.packages0%i" % i, "shell-packages0%i.%s" % (i, suffix))
        for i in range(1, 3)
    ] + [
        ("fedoratagger.packages0%i" % i, "fedoratagger-packages0%i.%s" % (i, suffix))
        for i in range(1, 3)
    ] + [
        ("shell.pkgs0%i" % i, "shell-pkgs0%i.%s" % (i, suffix))
        for i in range(1, 2)
    ] + [
        ("scm.pkgs0%i" % i, "scm-pkgs0%i.%s" % (i, suffix))
        for i in range(1, 2)
    ] + [
        ("lookaside.pkgs0%i" % i, "lookaside-pkgs0%i.%s" % (i, suffix))
        for i in range(1, 2)
    ] + [
        ("shell.relepel01", "shell-relepel01.%s" % suffix),
        ("shell.releng01", "shell-releng01.%s" % suffix),
        ("shell.releng02", "shell-releng02.%s" % suffix),
        ("shell.releng03", "shell-releng03.%s" % suffix),
        ("shell.releng04", "shell-releng04.%s" % suffix),
        ("bodhi.relepel01", "bodhi-relepel01.%s" % suffix),
        ("bodhi.releng01", "bodhi-releng01.%s" % suffix),
        ("bodhi.releng02", "bodhi-releng02.%s" % suffix),
        ("bodhi.releng03", "bodhi-releng03.%s" % suffix),
        ("bodhi.releng04", "bodhi-releng04.%s" % suffix),
    ] + [
        ("busmon_consumers.busgateway01", "busmon-busgateway01.%s" % suffix),
        ("shell.busgateway01", "shell-busgateway01.%s" % suffix),
    ] + [
        ("shell.value01", "shell-value01.%s" % suffix),
        ("shell.value03", "shell-value03.%s" % suffix),
        ("supybot.value03", "supybot-value03.%s" % suffix),
    ] + [
        ("koji.koji04", "koji-koji04.%s" % suffix),
        ("koji.koji01", "koji-koji01.%s" % suffix),
        ("koji.koji03", "koji-koji03.%s" % suffix),
        ("shell.koji04", "shell-koji04.%s" % suffix),
        ("shell.koji01", "shell-koji01.%s" % suffix),
        ("shell.koji03", "shell-koji03.%s" % suffix),
    ] + [
        ("nagios.noc01", "nagios-noc01.%s" % suffix),
        ("shell.noc01", "shell-noc01.%s" % suffix),
    ] + [
        ("git.hosted03", "git-hosted03.%s" % vpn_suffix),
        ("git.hosted04", "git-hosted04.%s" % vpn_suffix),
        ("trac.hosted03", "trac-hosted03.%s" % vpn_suffix),
        ("trac.hosted04", "trac-hosted04.%s" % vpn_suffix),
        ("shell.hosted03", "shell-hosted03.%s" % vpn_suffix),
        ("shell.hosted04", "shell-hosted04.%s" % vpn_suffix),
    ] + [
        ("shell.lockbox01", "shell-lockbox01.%s" % suffix),
        ("announce.lockbox01", "announce-lockbox01.%s" % suffix),
    ] + [
        # These first two entries are here to placate a bug in
        # python-askbot-fedmsg-0.0.4.  They can be removed once
        # python-askbot-fedmsg-0.0.5 hits town.
        ("askbot.ask01.phx2.fedoraproject.org", "askbot-ask01.%s" % suffix),
        ("askbot.ask01.stg.phx2.fedoraproject.org", "askbot-ask01.%s" % suffix),

        ("askbot.ask01", "askbot-ask01.%s" % suffix),
        ("shell.ask01", "shell-ask01.%s" % suffix),

        ("askbot.ask02", "askbot-ask02.%s" % suffix),
        ("shell.ask02", "shell-ask02.%s" % suffix),

        ("fedbadges.badges-backend01", "fedbadges-badges-backend01.%s" % suffix),
        ("shell.badges-backend01", "shell-badges-backend01.%s" % suffix),

        ("summershum.summershum01", "summershum-summershum01.%s" % suffix),
        ("shell.summershum01", "shell-summershum01.%s" % suffix),

        ("tahrir.badges-web01", "tahrir-badges-web01.%s" % suffix),
        ("shell.badges-web01", "shell-badges-web01.%s" % suffix),
        ("tahrir.badges-web02", "tahrir-badges-web02.%s" % suffix),
        ("shell.badges-web02", "shell-badges-web02.%s" % suffix),

        ("shell.nuancier01", "shell-nuancier01.%s" % suffix),
        ("shell.nuancier02", "shell-nuancier02.%s" % suffix),
        ("nuancier.nuancier01", "nuancier-nuancier01.%s" % suffix),
        ("nuancier.nuancier02", "nuancier-nuancier02.%s" % suffix),

        ("shell.fedocal01", "shell-fedocal01.%s" % suffix),
        ("shell.fedocal02", "shell-fedocal02.%s" % suffix),
        ("fedocal.fedocal01", "fedocal-fedocal01.%s" % suffix),
        ("fedocal.fedocal02", "fedocal-fedocal02.%s" % suffix),

        ("shell.mailman01", "shell-mailman01.%s" % suffix),
        ("mailman.mailman01", "mailman-mailman01.%s" % suffix),

        ("shell.bodhi01", "shell-bodhi01.%s" % suffix),
        ("bodhi.bodhi01", "bodhi-bodhi01.%s" % suffix),

        # This is for the copr backend, which is a little different.  The
        # "cert-prefix" is just "copr", and is hardcoded in
        # backend/dispatcher.py.  The hostname is also a little different,
        # since it is an openstack node.  This might be a little fragile.  :/
        # See https://github.com/fedora-infra/fedmsg/issues/199 for the plan.
        ("copr.copr-be-i-00000407", "copr-copr-be.cloud.fedoraproject.org"),
        ("copr.copr-be", "copr-copr-be.cloud.fedoraproject.org"),
    ]),
    routing_policy={
        # The gist here is that only messages signed by the
        # bodhi-app0{1,2,3,4,5,6,7,8} certificates may bear the
        # "org.fedoraproject.prod.bodhi.update.request.stable" topic, or else
        # they fail validation and are either dropped or marked as invalid
        # (depending on the consumer's wishes).
        #
        # There is another option that we do not set.  If `routing_nitpicky` is
        # set to True, then a given message's topic *must* appear in this list
        # in order for it to pass validation.  For instance, we have
        # routing_nitpicky set to False by default and no
        # "org.fedoraproject.prod.logger.log" topics appear in this policy,
        # therefore, any message bearing that topic and *any* certificate signed
        # by our CA may pass validation.
        #
        topic_prefix + "bodhi.update.request.stable": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.update.request.testing": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.update.request.unpush": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.update.comment": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.buildroot_override.tag": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.buildroot_override.untag": [
            "bodhi-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "bodhi.mashtask.mashing": [
            "bodhi-releng04.%s" % suffix,
            "bodhi-relepel01.%s" % suffix,
        ],
        topic_prefix + "bodhi.mashtask.complete": [
            "bodhi-releng04.%s" % suffix,
            "bodhi-relepel01.%s" % suffix,
        ],


        # Compose (rel-eng) messages (use the bodhi certs)
        topic_prefix + "compose.rawhide.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.rawhide.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.rawhide.mash.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.rawhide.mash.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.rawhide.rsync.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.rawhide.rsync.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.pungify.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.pungify.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.mash.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.mash.complete": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.rsync.start": [
            "bodhi-releng03.%s" % suffix,
        ],
        topic_prefix + "compose.branched.rsync.complete": [
            "bodhi-releng03.%s" % suffix,
        ],


        #FAS messages
        topic_prefix + "fas.user.create": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.user.update": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.edit": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.update": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.create": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.role.update": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.member.remove": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.member.sponsor": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],
        topic_prefix + "fas.group.member.apply": [
            "fas-fas0%i.%s" % (i, suffix) for i in range(1, 4)
        ],

        # Git/SCM messages
        topic_prefix + "git.receive": [
            "scm-pkgs01.%s" % suffix,
        ],
        topic_prefix + "git.lookaside.new": [
            "lookaside-pkgs01.%s" % suffix,
        ],

        # Tagger messages
        topic_prefix + "fedoratagger.tag.update": [
            "fedoratagger-packages0%i.%s" % (i, suffix) for i in range(1, 3)
        ],
        topic_prefix + "fedoratagger.tag.create": [
            "fedoratagger-packages0%i.%s" % (i, suffix) for i in range(1, 3)
        ],
        topic_prefix + "fedoratagger.user.rank.update": [
            "fedoratagger-packages0%i.%s" % (i, suffix) for i in range(1, 3)
        ],

        # Mediawiki messages
        topic_prefix + "wiki.article.edit": [
            "mediawiki-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "wiki.upload.complete": [
            "mediawiki-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],

        # Pkgdb messages
        topic_prefix + "pkgdb.acl.update": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.acl.request.toggle": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.acl.user.remove": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.owner.update": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.package.new": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.package.update": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.package.retire": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],
        topic_prefix + "pkgdb.critpath.update": [
            "pkgdb-%s" % app_hosts[i-1]
            for i in range(1, len(app_hosts) + 1)
        ],

        # Planet/venus
        topic_prefix + "planet.post.new": [
            "planet-people03.vpn.fedoraproject.org",
        ],

        # Supybot/meetbot
        topic_prefix + "meetbot.meeting.start": [
            "supybot-value03.%s" % suffix,
        ],

        # Only @spot and @rbergeron can use this one
        topic_prefix + "announce.announcement": [
            "announce-lockbox01.phx2.fedoraproject.org",
        ],
    },
)

